virus from MSN!

  • Joined: 26 Mar 2009
  • Posts: 5

I have a problem...
I probably picked up some virus from the net...
my computer freezes, Mozilla too (strange sounds even play while I'm browsing), the cursor disappears from the desktop, and it sends virus links to people who are online on MSN...
and while I'm on MSN it opens and closes conversation windows and doesn't respond to commands...
help meeeeeee!!!!!!!

Update: 26 Mar 2009 19:00

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:53:10, on 26.3.2009
Platform: Windows XP SP3, v.3264 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.3264)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Amar\Desktop\seaa\pom.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = google.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=www.google.com
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Update Service (gupdate1c99c16eeb7b440) (gupdate1c99c16eeb7b440) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

--
End of file - 6137 bytes
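A small triage script for HijackThis logs like the one above, added here as an example (not part of the thread and not a HijackThis feature): it flags running processes and autorun entries whose image sits in a user-writable directory, orphaned BHO registrations, and autorun commands given as relative names. The sample input is a constructed subset of the log above; the directory heuristics are assumptions, not a verdict on any particular entry.

```python
import re

# Constructed sample: a subset of the HijackThis log posted above.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\System32\smss.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\Amar\Desktop\seaa\pom.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = google.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
"""

# Assumed heuristics: on Windows XP an ordinary user can write here, so an
# image running or autostarting from these places deserves a second look.
USER_WRITABLE = ("\\documents and settings\\", "\\application data\\",
                 "\\local settings\\", "\\temp\\", "\\desktop\\")
# Where properly installed software is expected to live.
EXPECTED_ROOTS = ("c:\\program files\\", "c:\\windows\\")

O4_RE = re.compile(r"^O4 - (?P<hive>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
O2_RE = re.compile(r"^O2 - BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<file>.+)$")
PATH_RE = re.compile(r'^"?(?P<path>[A-Za-z]:\\.*?\.(?:exe|dll|cpl|scr))"?', re.IGNORECASE)


def extract_path(cmd):
    """Absolute image path of an autorun command, or None when the command is
    relative (e.g. 'rundll32.exe bthprops.cpl,...') and resolved via PATH."""
    m = PATH_RE.match(cmd.strip())
    return m.group("path") if m else None


def judge_path(path):
    """Reasons (possibly none) why this image path is worth reviewing."""
    low = path.lower()
    reasons = []
    if any(marker in low for marker in USER_WRITABLE):
        reasons.append("image lives in a user-writable location")
    if not low.startswith(EXPECTED_ROOTS):
        reasons.append("image is outside Program Files / Windows")
    return reasons


def triage(log_text):
    """Walk a HijackThis log; return (section, item, reason) findings."""
    findings = []
    in_procs = False
    for line in log_text.splitlines():
        line = line.rstrip()
        if line == "Running processes:":
            in_procs = True
            continue
        if in_procs:
            if not line:                 # blank line ends the process list
                in_procs = False
                continue
            findings += [("process", line, r) for r in judge_path(line)]
            continue
        m = O2_RE.match(line)
        if m:
            if m.group("file") == "(no file)":
                findings.append(("O2", m.group("clsid"),
                                 "orphaned BHO: registration points to a missing file"))
            else:
                findings += [("O2", m.group("file"), r) for r in judge_path(m.group("file"))]
            continue
        m = O4_RE.match(line)
        if m:
            path = extract_path(m.group("cmd"))
            if path is None:
                findings.append(("O4", m.group("name"),
                                 "relative command, resolved through PATH at logon"))
            else:
                findings += [("O4", m.group("name"), r) for r in judge_path(path)]
    return findings


if __name__ == "__main__":
    for section, item, reason in triage(SAMPLE_LOG):
        print(f"[{section}] {item}: {reason}")
```

Run against the full log, the script surfaces the Desktop process and the fileless BHO for a human to review; it does not decide what is malicious.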

  • dr_Bora
  • Anti Malware Fighter, Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Hello...

Start ESET Smart Security / ESET NOD32 as follows:
Start > All Programs > ESET > ESET Smart Security, or ESET NOD32 Antivirus (if you are using only the Antivirus product).

* When the program's main window opens, click the Setup option on the left side of the window;
* Choose the Antivirus and antispyware option and click Temporarily disable Antivirus and antispyware protection.
* Answer the next question with Yes.

Download ComboFix from one of the following addresses to your Desktop:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe

Run it and do not touch the program window while it scans.
Follow the instructions on the screen. When it finishes, a log (C:\ComboFix.txt) will appear; copy it here for us.

  • Joined: 26 Mar 2009
  • Posts: 5

ComboFix 09-03-25.04 - Amar 2009-03-26 21:19:24.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1033.18.1151.702 [GMT 1:00]
Running from: c:\documents and settings\Amar\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 3.0 *On-access scanning disabled* (Updated)
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\fxstaller.exe
c:\windows\system32\d3d10core.dll
c:\windows\system32\kernel32new.dll
c:\windows\system32\msvcrtnew.dll

.
((((((((((((((((((((((((( Files Created from 2009-02-26 to 2009-03-26 )))))))))))))))))))))))))))))))
.

2009-03-26 18:15 . 2007-12-01 00:26 116,224 --a--c--- c:\windows\system32\dllcache\xrxwiadr.dll
2009-03-26 18:15 . 2001-08-17 22:37 99,865 --a--c--- c:\windows\system32\dllcache\xlog.exe
2009-03-26 18:15 . 2008-02-27 09:34 28,288 --a--c--- c:\windows\system32\dllcache\OLD11E6.tmp
2009-03-26 18:15 . 2001-08-17 22:37 27,648 --a--c--- c:\windows\system32\dllcache\xrxftplt.exe
2009-03-26 18:15 . 2001-08-17 22:36 23,040 --a--c--- c:\windows\system32\dllcache\xrxwbtmp.dll
2009-03-26 18:15 . 2007-11-30 15:15 19,455 --a--c--- c:\windows\system32\dllcache\wvchntxx.sys
2009-03-26 18:15 . 2007-11-30 17:32 19,200 --a--c--- c:\windows\system32\dllcache\wstcodec.sys
2009-03-26 18:15 . 2007-12-01 00:26 18,944 --a--c--- c:\windows\system32\dllcache\xrxscnui.dll
2009-03-26 18:15 . 2001-08-17 12:11 16,970 --a--c--- c:\windows\system32\dllcache\xem336n5.sys
2009-03-26 18:15 . 2007-11-30 15:15 12,063 --a--c--- c:\windows\system32\dllcache\wsiintxx.sys
2009-03-26 18:15 . 2001-08-17 22:37 4,608 --a--c--- c:\windows\system32\dllcache\xrxflnch.exe
2009-03-26 18:14 . 2001-08-17 13:28 771,581 --a--c--- c:\windows\system32\dllcache\winacisa.sys
2009-03-26 18:14 . 2001-08-17 13:28 701,386 --a--c--- c:\windows\system32\dllcache\wdhaalba.sys
2009-03-26 18:14 . 2007-11-30 15:16 154,624 --a--c--- c:\windows\system32\dllcache\wlluc48.sys
2009-03-26 18:14 . 2001-08-17 22:36 87,040 --a--c--- c:\windows\system32\dllcache\wiafbdrv.dll
2009-03-26 18:14 . 2001-08-17 22:36 53,760 --a--c--- c:\windows\system32\dllcache\wiamsmud.dll
2009-03-26 18:14 . 2001-08-17 12:10 35,871 --a--c--- c:\windows\system32\dllcache\wbfirdma.sys
2009-03-26 18:14 . 2001-08-17 12:12 34,890 --a--c--- c:\windows\system32\dllcache\wlandrv2.sys
2009-03-26 18:14 . 2007-11-30 17:31 31,744 --a--c--- c:\windows\system32\dllcache\wceusbsh.sys
2009-03-26 18:14 . 2007-11-30 15:15 23,615 --a--c--- c:\windows\system32\dllcache\wch7xxnt.sys
2009-03-26 18:14 . 2007-11-30 17:31 8,832 --a--c--- c:\windows\system32\dllcache\wmiacpi.sys
2009-03-26 18:12 . 2001-08-17 22:36 525,568 --a--c--- c:\windows\system32\dllcache\tridxp.dll
2009-03-26 18:11 . 2001-08-17 14:56 147,200 --a--c--- c:\windows\system32\dllcache\smidispb.dll
2009-03-26 16:28 . 2007-11-30 16:03 404,990 --a--c--- c:\windows\system32\dllcache\slntamr.sys
2009-03-26 16:27 . 2001-08-17 14:56 252,032 --a--c--- c:\windows\system32\dllcache\sis300iv.dll
2009-03-26 16:27 . 2001-08-17 22:36 238,592 --a--c--- c:\windows\system32\dllcache\sisgrv.dll
2009-03-26 16:27 . 2001-08-17 14:56 150,144 --a--c--- c:\windows\system32\dllcache\sis6306v.dll
2009-03-26 16:27 . 2001-08-17 12:50 104,064 --a--c--- c:\windows\system32\dllcache\sisgrp.sys
2009-03-26 16:27 . 2001-08-17 12:50 101,760 --a--c--- c:\windows\system32\dllcache\sis300ip.sys
2009-03-26 16:27 . 2001-08-17 12:50 68,608 --a--c--- c:\windows\system32\dllcache\sis6306p.sys
2009-03-26 16:27 . 2007-11-30 17:31 40,960 --a--c--- c:\windows\system32\dllcache\sisagp.sys
2009-03-26 16:27 . 2007-11-30 15:16 32,768 --a--c--- c:\windows\system32\dllcache\sisnic.sys
2009-03-26 16:27 . 2008-02-27 09:33 18,944 --a--c--- c:\windows\system32\dllcache\OLDFE9.tmp
2009-03-26 16:27 . 2007-12-01 00:25 3,901 --a--c--- c:\windows\system32\dllcache\siint5.dll
2009-03-26 16:26 . 2001-07-21 14:29 161,568 --a--c--- c:\windows\system32\dllcache\sgsmusb.sys
2009-03-26 16:24 . 2001-08-17 13:28 899,146 --a--c--- c:\windows\system32\dllcache\r2mdkxga.sys
2009-03-26 16:23 . 2007-12-01 00:25 4,274,816 --a--c--- c:\windows\system32\dllcache\nv4_disp.dll
2009-03-26 16:22 . 2008-02-27 09:32 1,875,968 --a--c--- c:\windows\system32\dllcache\OLDE30.tmp
2009-03-26 16:21 . 2001-08-17 13:28 802,683 --a--c--- c:\windows\system32\dllcache\ltsm.sys
2009-03-26 16:20 . 2008-02-27 09:32 1,158,818 --a--c--- c:\windows\system32\dllcache\OLDDAF.tmp
2009-03-26 16:19 . 2008-02-27 09:32 10,129,408 --a--c--- c:\windows\system32\dllcache\OLDC30.tmp
2009-03-26 16:18 . 2008-02-27 09:32 10,096,640 --a--c--- c:\windows\system32\dllcache\OLDC26.tmp
2009-03-26 16:17 . 2001-08-17 12:15 455,680 --a--c--- c:\windows\system32\dllcache\fus2base.sys
2009-03-26 16:16 . 2001-08-17 12:14 952,007 --a--c--- c:\windows\system32\dllcache\diwan.sys
2009-03-26 16:15 . 2008-02-27 09:32 1,677,824 --a--c--- c:\windows\system32\dllcache\OLD94D.tmp
2009-03-26 16:14 . 2001-08-17 13:28 871,388 --a--c--- c:\windows\system32\dllcache\bcmdm.sys
2009-03-26 16:13 . 2001-08-17 14:56 342,336 --a--c--- c:\windows\system32\dllcache\banshee.dll
2009-03-26 16:12 . 2007-12-01 00:25 870,784 --a--c--- c:\windows\system32\dllcache\ati3d1ag.dll
2009-03-26 16:11 . 2007-11-30 18:22 2,145,280 --a--c--- c:\windows\system32\dllcache\ntkrnlmp.exe
2009-03-26 16:10 . 2009-03-26 18:15 <DIR> d-------- c:\windows\LastGood
2009-03-26 15:13 . 2009-03-26 15:13 <DIR> d-------- c:\program files\Microsoft
2009-03-26 15:13 . 2009-03-26 21:16 <DIR> d-------- c:\documents and settings\Amar\Tracing
2009-03-26 15:12 . 2009-03-26 15:12 <DIR> d-------- c:\program files\Windows Live SkyDrive
2009-03-26 15:12 . 2009-03-26 15:13 <DIR> d-------- c:\program files\Windows Live
2009-03-26 15:07 . 2009-03-26 15:07 <DIR> d-------- c:\program files\Common Files\Windows Live
2009-03-21 18:33 . 2009-03-21 18:33 <DIR> d-------- c:\windows\Sun
2009-03-17 20:01 . 2009-03-17 20:01 <DIR> d-------- c:\documents and settings\Amar\Application Data\HP
2009-03-17 19:32 . 2009-03-17 19:32 <DIR> d-------- c:\documents and settings\Amila\Application Data\Image Zone Express
2009-03-17 19:31 . 2009-03-17 19:31 <DIR> d---s---- c:\documents and settings\Amila\UserData
2009-03-17 19:30 . 2009-03-17 19:30 <DIR> d-------- c:\documents and settings\Amila\Application Data\HP
2009-03-17 19:29 . 2009-03-17 19:29 <DIR> d-------- c:\documents and settings\All Users\Application Data\HP
2009-03-17 19:28 . 2009-03-17 19:29 <DIR> d-------- c:\program files\Common Files\HP
2009-03-17 19:26 . 2009-03-17 19:26 <DIR> d-------- c:\program files\Hewlett-Packard
2009-03-17 19:26 . 2009-03-17 19:26 <DIR> d-------- c:\program files\Common Files\Hewlett-Packard
2009-03-17 19:25 . 2006-01-03 18:12 77,824 -ra------ c:\windows\system32\HPZIDS01.dll
2009-03-17 19:25 . 2006-04-12 11:04 49,664 -ra------ c:\windows\system32\drivers\HPZid412.sys
2009-03-17 19:25 . 2006-04-10 14:03 48,128 --a------ c:\windows\system32\hpzll054.dll
2009-03-17 19:25 . 2006-04-12 11:04 16,496 -ra------ c:\windows\system32\drivers\HPZipr12.sys
2009-03-17 19:25 . 2007-11-30 17:28 15,104 --a------ c:\windows\system32\drivers\usbscan.sys
2009-03-17 19:25 . 2007-11-30 17:28 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys
2009-03-17 19:24 . 2006-03-03 21:03 282,680 --a------ c:\windows\system32\HPZidr12.dll
2009-03-17 19:24 . 2006-03-03 21:02 204,800 --a------ c:\windows\system32\HPZipr12.dll
2009-03-17 19:24 . 2006-03-03 21:02 94,208 --a------ c:\windows\system32\HPZipt12.dll
2009-03-17 19:24 . 2006-03-03 21:03 69,632 --a------ c:\windows\system32\HPZipm12.exe
2009-03-17 19:24 . 2006-03-03 21:03 65,536 --a------ c:\windows\system32\HPZinw12.exe
2009-03-17 19:24 . 2006-03-03 21:02 57,344 --a------ c:\windows\system32\HPZisn12.dll
2009-03-17 19:23 . 2009-03-17 19:29 <DIR> d-------- c:\program files\HP
2009-03-17 19:21 . 2009-03-17 19:34 117,673 --a------ c:\windows\hpoins11.dat
2009-03-13 14:03 . 1998-10-29 16:45 306,688 --a------ c:\windows\IsUninst.exe
2009-03-13 13:43 . 2008-02-27 09:34 221,184 --a------ c:\windows\system32\wmpns.dll
2009-03-12 19:56 . 2009-03-12 19:56 <DIR> d-------- c:\windows\USB Vibration
2009-03-12 19:56 . 2009-03-12 19:56 <DIR> d-------- c:\program files\USB Vibration
2009-03-12 19:56 . 2006-07-04 17:17 53,921 --a------ c:\windows\system32\drivers\hid7906.sys
2009-03-08 18:11 . 2007-11-30 17:31 25,856 --a------ c:\windows\system32\drivers\usbprint.sys
2009-03-08 18:11 . 2007-11-30 17:31 25,856 --a--c--- c:\windows\system32\dllcache\usbprint.sys
2009-03-08 10:40 . 2005-04-13 03:48 49,265 --a------ c:\windows\system32\jpicpl32.cpl
2009-03-08 10:39 . 2009-03-08 10:40 <DIR> d-------- c:\program files\Java
2009-03-08 10:36 . 2009-03-08 10:36 <DIR> d-------- c:\program files\LimeWire
2009-03-08 10:36 . 2009-03-08 10:36 <DIR> d-------- c:\program files\Common Files\Java
2009-03-07 14:59 . 2007-11-30 17:31 10,368 --a------ c:\windows\system32\drivers\hidusb.sys
2009-03-07 14:59 . 2007-11-30 17:31 10,368 --a--c--- c:\windows\system32\dllcache\hidusb.sys
2009-03-07 14:44 . 2009-03-07 14:44 <DIR> d-------- c:\program files\EA GAMES
2009-03-07 14:44 . 2005-05-26 15:34 2,297,552 --a------ c:\windows\system32\d3dx9_26.dll
2009-03-07 14:37 . 2009-03-07 14:37 <DIR> d-------- c:\program files\DAEMON Tools
2009-03-07 14:37 . 2009-03-07 14:37 223,128 --a------ c:\windows\system32\drivers\dtscsi.sys
2009-03-07 14:33 . 2009-03-07 14:33 664,064 --a------ c:\windows\system32\drivers\sptd.sys
2009-03-07 14:33 . 2009-03-07 14:33 96,384 --a------ c:\windows\system32\drivers\sptd6813.sys
2009-03-07 14:25 . 2009-03-07 14:33 <DIR> d-------- C:\NFS Most Wanted
2009-03-03 20:12 . 2009-03-03 20:12 <DIR> d-------- c:\documents and settings\Amila\Contacts
2009-03-03 20:11 . 2009-03-03 20:11 268 --ah----- C:\sqmdata00.sqm
2009-03-03 20:11 . 2009-03-03 20:11 244 --ah----- C:\sqmnoopt00.sqm
2009-03-03 19:20 . 2009-03-03 19:20 <DIR> d-------- c:\program files\BIHnet
2009-03-03 16:24 . 2009-03-03 16:25 <DIR> d-------- c:\documents and settings\Amila\Application Data\Winamp
2009-03-03 15:01 . 2000-06-26 22:52 266,293 --a------ c:\windows\system\MSVCRT.DLL
2009-03-03 14:54 . 2009-03-03 16:52 <DIR> d-------- c:\program files\Google
2009-03-03 14:54 . 2009-03-03 14:54 <DIR> d-------- c:\documents and settings\Amar\Application Data\Uniblue
2009-03-03 14:26 . 2009-03-03 14:26 <DIR> d-------- c:\program files\NOS
2009-03-03 14:26 . 2009-03-03 14:26 <DIR> d---s---- c:\documents and settings\Amar\UserData
2009-03-03 14:26 . 2009-03-03 14:26 <DIR> d-------- c:\documents and settings\All Users\Application Data\NOS
2009-03-03 00:20 . 2009-03-17 19:31 <DIR> d-------- c:\documents and settings\Amila
2009-03-03 00:20 . 2009-03-03 00:20 22 --a------ c:\windows\system32\ati64hlp.stb
2009-03-03 00:06 . 2009-03-13 14:07 <DIR> d-------- c:\program files\Common Files\Adobe
2009-03-02 23:10 . 2009-03-02 23:10 <DIR> d----c--- c:\windows\system32\DRVSTORE
2009-03-02 23:10 . 2009-03-03 14:25 <DIR> d-------- c:\documents and settings\Amar\Contacts
2009-03-02 22:39 . 2009-03-03 14:35 <DIR> d-------- c:\program files\Winamp
2009-03-02 22:39 . 2009-03-02 22:44 <DIR> d-------- c:\documents and settings\Amar\Application Data\Winamp
2009-03-02 22:35 . 2009-03-02 22:38 <DIR> d-------- c:\documents and settings\Amar\Application Data\vlc
2009-03-02 22:06 . 2007-11-30 19:17 146,048 --a------ c:\windows\system32\drivers\portcls.sys
2009-03-02 22:06 . 2007-11-30 19:17 146,048 --a--c--- c:\windows\system32\dllcache\portcls.sys
2009-03-02 22:06 . 2007-12-01 01:27 129,536 --a------ c:\windows\system32\ksproxy.ax
2009-03-02 22:06 . 2007-12-01 01:27 129,536 --a--c--- c:\windows\system32\dllcache\ksproxy.ax
2009-03-02 22:06 . 2007-11-30 18:30 60,160 --a------ c:\windows\system32\drivers\drmk.sys
2009-03-02 22:06 . 2007-11-30 18:30 60,160 --a--c--- c:\windows\system32\dllcache\drmk.sys
2009-03-02 22:06 . 2007-11-30 18:30 60,032 --a------ c:\windows\system32\drivers\USBAUDIO.sys
2009-03-02 22:06 . 2007-11-30 18:30 60,032 --a--c--- c:\windows\system32\dllcache\usbaudio.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-20 08:05 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-03-12 18:56 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-02 21:01 716,153 ----a-w c:\windows\system32\unins000.exe
2009-03-02 20:56 --------- d-----w c:\program files\Common Files\InstallShield
2009-03-02 20:54 --------- d-----w c:\program files\ATI Technologies
2009-03-02 20:44 --------- d-----w c:\program files\VideoLAN
2009-03-02 20:38 --------- d-----w c:\program files\ESET
2009-03-02 20:38 --------- d-----w c:\documents and settings\All Users\Application Data\ESET
2009-03-02 20:31 --------- d-----w c:\program files\Microsoft Works
2009-03-02 20:30 --------- d-----w c:\program files\MSBuild
2009-03-02 20:14 --------- d-----w c:\program files\microsoft frontpage
2009-02-06 17:52 49,504 ----a-w c:\windows\system32\sirenacm.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-02-27 15360]
"MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2008-03-13 1443072]
"ATIPTA"="c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-06-28 344064]
"WinampAgent"="c:\program files\Winamp\winampa.exe" [2008-08-04 36352]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 39792]
"DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-11-08 128920]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-02-27 c:\windows\system32\bthprops.cpl]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-02-27 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide_3"="advpack.dll" [2008-02-27 c:\windows\system32\advpack.dll]

c:\documents and settings\Amar\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [10/26/2006 8:24:54 PM 98632]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [3/13/2009 2:07:16 PM 113664]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2/19/2006 4:21:22 AM 288472]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

R0 m5288;m5288;c:\windows\system32\drivers\m5288.sys [3/2/2009 9:56:42 PM 210304]
R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [3/13/2008 4:52:18 PM 33800]
R2 ekrn;Eset Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [3/13/2008 4:49:56 PM 472320]
R3 hid7906;hid7906;c:\windows\system32\drivers\hid7906.sys [3/12/2009 7:56:17 PM 53921]
S2 gupdate1c99c16eeb7b440;Google Update Service (gupdate1c99c16eeb7b440);c:\program files\Google\Update\GoogleUpdate.exe [3/3/2009 4:44:25 PM 133104]
S3 Asushwio;Asushwio;c:\windows\system32\drivers\ASUSHWIO.SYS [3/2/2009 9:53:17 PM 5824]
S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [3/3/2009 2:26:55 PM 33752]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - APPMGMT
*NewlyCreated* - AUJASNKJ
*Deregistered* - aujasnkj
.
Contents of the 'Scheduled Tasks' folder

2009-03-26 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-03 16:44]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-Uniblue RegistryBooster 2009 - c:\program files\Uniblue\RegistryBooster\RegistryBooster.exe
HKLM-Run-VVSN - c:\program files\VVSN\VVSN.exe


.
------- Supplementary Scan -------
.
uStart Page = google.com
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Amar\Application Data\Mozilla\Firefox\Profiles\81piulsy.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.ba/
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJPI150_03.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPOJI610.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, gmer.net
Rootkit scan 2009-03-26 21:20:51
Windows 5.1.2600 Service Pack 3, v.3264 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(704)
c:\windows\system32\Ati2evxx.dll
.
Completion time: 2009-03-26 21:22:02
ComboFix-quarantined-files.txt 2009-03-26 20:21:57

Pre-Run: 16.303.026.176 bytes free
Post-Run: 17,855,975,424 bytes free



here's the log, I hope it's ok!

  • dr_Bora
  • Anti Malware Fighter, Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

Download gmer.zip from this link and save it to the Desktop.
Unpack it into a folder.

Double-click gmer.exe to start: select the Rootkit/Malware tab at the top.
Click Scan.
When the scan has finished, click the Copy button below it - this saves the scan results to the Clipboard.
Use the Paste option in Notepad to turn that into text. Save that text from Notepad as file1.txt.
Repeat the same with the Autostart tab. Save that text from Notepad as file2.txt.

Use the Attach file option below the message box on the forum and attach the two files we just saved here.

  • Joined: 26 Mar 2009
  • Posts: 5

(two attachments, visible only to logged-in forum users)

there you go, it's all there.

  • dr_Bora
  • Anti Malware Fighter, Rank 2
  • Joined: 24 Jul 2007
  • Posts: 12280
  • Location: Höganäs, SE

How are things now?

  • Joined: 26 Mar 2009
  • Posts: 5

I think it's ok now; if it shows up again, I'll let you know. Thanks a lot!
